rspec/rules/S4792/description.adoc

Configuring loggers is security-sensitive. It has led in the past to the following vulnerabilities:

* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0285[CVE-2018-0285]
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1127[CVE-2000-1127]
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15113[CVE-2017-15113]
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5742[CVE-2015-5742]

Logs are useful before, during and after a security incident.

* Attackers will most of the time start their nefarious work by probing the system for vulnerabilities. Monitoring this activity and stopping it is the first step to prevent an attack from ever happening.
* In case of a successful attack, logs should contain enough information to understand what damage an attacker may have inflicted.

Logs are also a target for attackers because they might contain sensitive information. Configuring loggers has an impact on the type of information logged and how they are logged.


This rule flags for review code that initiates loggers configuration. The goal is to guide security code reviews.
Add rules 4000-4999 2020-06-30 12:49:37 +02:00			`Configuring loggers is security-sensitive. It has led in the past to the following vulnerabilities:`
Fix code block ambiguity with old header style Ensure blank line before list and clean the one leading space 2020-06-30 14:49:38 +02:00
Add rules 4000-4999 2020-06-30 12:49:37 +02:00			`* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0285[CVE-2018-0285]`
			`* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1127[CVE-2000-1127]`
			`* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15113[CVE-2017-15113]`
			`* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5742[CVE-2015-5742]`

			`Logs are useful before, during and after a security incident.`
Fix code block ambiguity with old header style Ensure blank line before list and clean the one leading space 2020-06-30 14:49:38 +02:00
Add rules 4000-4999 2020-06-30 12:49:37 +02:00			`* Attackers will most of the time start their nefarious work by probing the system for vulnerabilities. Monitoring this activity and stopping it is the first step to prevent an attack from ever happening.`
			`* In case of a successful attack, logs should contain enough information to understand what damage an attacker may have inflicted.`

			`Logs are also a target for attackers because they might contain sensitive information. Configuring loggers has an impact on the type of information logged and how they are logged.`

Force linebreaks 2021-02-02 15:02:10 +01:00
Add rules 4000-4999 2020-06-30 12:49:37 +02:00			`This rule flags for review code that initiates loggers configuration. The goal is to guide security code reviews.`